Abstract
Cloud computing is a more advanced technology for distributed processing, e.g., thin clients and grid computing, implemented by means of virtualization technology for servers and storage and advanced network functionality. However, this technology has certain disadvantages, such as monotonous routing for attacks and easy attack methods and tools. This means that, in the worst case, all network resources and operations are blocked at once. Various studies, such as pattern analyses and network-based access control for infringement response based on Infrastructure as a Service, Platform as a Service and Software as a Service in cloud computing services, have therefore recently been conducted. This study proposes a method integrating HTTP GET flooding, one of the Distributed Denial-of-Service attacks, with MapReduce processing for fast attack detection in a cloud computing environment. In addition, experiments on processing time were conducted to compare its performance with pattern detection of the attack features using Snort detection based on HTTP packet patterns and log data from a Web server. The experimental results show that the proposed method is better than Snort detection because its processing time is shorter with increasing congestion.
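As an added illustration, not the authors' algorithm or code, the following sketch shows how counting HTTP GET requests in Web server log data can be expressed as map, shuffle and reduce steps. The Common Log Format input, the 10-second window, the threshold of 20 and all function names are assumptions made for the example.

```python
import re
from collections import defaultdict
from datetime import datetime

# Assumed input: Common Log Format access-log lines from the Web server.
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                     r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" \d{3} \S+')
WINDOW_SECONDS = 10  # assumed window size, not a value from the paper
THRESHOLD = 20       # assumed limit of GETs per client, URI and window

def map_phase(line):
    """Mapper: emit ((client_ip, uri, window_start), 1) for each GET request."""
    m = LINE_RE.match(line)
    if not m or m.group("method") != "GET":
        return []  # malformed lines and non-GET requests emit nothing
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    epoch = int(ts.timestamp())
    return [((m.group("ip"), m.group("uri"), epoch - epoch % WINDOW_SECONDS), 1)]

def shuffle(pairs):
    """Group mapper output by key, as the framework does between map and reduce."""
    grouped = defaultdict(list)
    for key, value in pairs:
        grouped[key].append(value)
    return grouped

def reduce_phase(key, values):
    """Reducer: total the GET count for one (ip, uri, window) key."""
    return key, sum(values)

def detect_get_flood(lines):
    """Run map, shuffle and reduce, then keep keys whose count exceeds THRESHOLD."""
    pairs = [kv for line in lines for kv in map_phase(line)]
    counts = dict(reduce_phase(k, v) for k, v in shuffle(pairs).items())
    return {key: n for key, n in counts.items() if n > THRESHOLD}

def sample_log():
    """Constructed sample: one client repeating a GET 30 times in one window."""
    fmt = '{ip} - - [10/Mar/2014:12:00:{s:02d} +0000] "{req} HTTP/1.1" 200 512'
    flood = [fmt.format(ip="203.0.113.7", s=i % 10, req="GET /index.php")
             for i in range(30)]
    normal = [fmt.format(ip="198.51.100.4", s=i, req="GET /index.php")
              for i in range(5)]
    other = [fmt.format(ip="198.51.100.9", s=3, req="POST /login.php"),
             "truncated line without a request"]
    return flood + normal + other

if __name__ == "__main__":
    for (ip, uri, window), n in detect_get_flood(sample_log()).items():
        print(f"possible HTTP GET flood: {ip} {uri} window={window} count={n}")
```

Because each mapper call depends only on its own log line and each reducer call only on one key, both phases can be split across worker nodes.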





Acknowledgments
This research was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (No. 2013R1A1A2A10011667).
Additional information
Communicated by A. Castiglione.
Cite this article
Choi, J., Choi, C., Ko, B. et al. A method of DDoS attack detection using HTTP packet pattern and rule engine in cloud computing environment. Soft Comput 18, 1697–1703 (2014). https://doi.org/10.1007/s00500-014-1250-8
DOI: https://doi.org/10.1007/s00500-014-1250-8